4078 matches found

0day.today
added 2020/11/20 12:0 a.m., 16 views

Boxoft Convert Master 1.3.0 - (wav) SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-convert-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...

7.4 AI score
Exploits: 0
Exploit DB
added 2020/11/20 12:0 a.m., 732 views

Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-convert-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python...

7.4 AI score
Exploits: 0
RedHat Linux
added 2020/11/04 1:14 a.m., 1 views

kernel: referencing inode of removed superblock in get_futex_key() causes UAF

A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as...

7.8 CVSS, 6.7 AI score, 0.0083 EPSS
Exploits: 0, References: 5
OSV
added 2020/11/01 12:0 a.m., 24 views

ASB-A-159060474

In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local non-security issue with User execution privileges needed. User interaction is not needed for exploitation...

5.5 CVSS, 5.4 AI score, 0.0025 EPSS
Exploits: 0, References: 2
CNVD
added 2020/10/28 12:0 a.m., 1 views

Google Android Resource Management Error Vulnerability (CNVD-2020-59732)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. Android Pixel suffers from a security vulnerability that stems from a memory error caused by the Catpipe library. An attacker can exploit the vulnerability to perform privilege escalation locally...

7.8 CVSS, 7.1 AI score, 0.00157 EPSS
Exploits: 0, References: 1
CNVD
added 2020/10/28 12:0 a.m., 5 views

Blueman Injection Vulnerability

Blueman is a graphical Bluetooth management tool for the GNOME desktop environment from the Blueman team. The main functions are: sending files, browsing files on the device, viewing information about local or remote devices, configuring local devices, managing bindings, binding services, etc...

7.1 CVSS, 7 AI score, 0.04539 EPSS
Exploits: 4, References: 1
Exploit DB
added 2020/10/14 12:0 a.m., 413 views

Guild Wars 2 - Insecure Folder Permissions

Exploit Title: Guild Wars 2 - Insecure Folder Permissions Date: 2020-10-09 Exploit Author: George Tsimpidas Software Link : https://account.arena.net/welcome Version Build : 106915 Tested on: Microsoft Windows 10 Home 10.0.18362 N/A Build 18362 Category: local Vulnerability Description: Guild War...

7.4 AI score
Exploits: 0
OSV
added 2020/10/07 6:15 p.m., 1 views

UBUNTU-CVE-2020-26880

Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympa_newaliases-wrapper executable...

7.8 CVSS, 6.7 AI score, 0.00347 EPSS
Exploits: 0, References: 5
RedHat Linux
added 2020/09/29 10:31 p.m., 3 views

kernel: possible to send arbitrary signals to a privileged (suidroot) parent process

A flaw was found in the Linux kernel's loose validation of child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process...

5.3 CVSS, 6.8 AI score, 0.00706 EPSS
Exploits: 1, References: 7
RedHat Linux
added 2020/09/29 7:0 p.m., 1 views

kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c

A use-after-free flaw was found in the Linux kernel’s ext4 file system functionality when the user mounts an ext4 partition with an additional debug parameter that defines an extra inode size. If this parameter has a non-zero value, this flaw allows a local user to crash the system when...

5.5 CVSS, 6.8 AI score, 0.02081 EPSS
Exploits: 1, References: 4
0day.today
added 2020/09/17 12:0 a.m., 19 views

Boxoft Convert Master 1.3.0 wav SEH Local Exploit

Exploit Title: Boxoft Convert Master 1.3.0 wav SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-convert-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...

7.4 AI score
Exploits: 0
Prion
added 2020/09/11 5:15 p.m., 24 views

Information disclosure

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to eithe...

2.1 CVSS, 6.5 AI score, 0.01129 EPSS
Exploits: 0, References: 1, Affected Software: 3
OSV
added 2020/09/09 4:15 p.m., 2 views

UBUNTU-CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff...

6 CVSS, 6.7 AI score, 0.00566 EPSS
Exploits: 1, References: 9
OSV
added 2020/07/16 6:15 p.m., 4 views

CVE-2020-3388

A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating t...

7.8 CVSS, 7.2 AI score, 0.00377 EPSS
Exploits: 0, References: 1
RedHat Linux
added 2020/07/07 8:38 a.m., 5 views

kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c

A flaw was found in the way the mwifiex_cmd_append_vsie_tlv function in the Linux kernel's Marvell WiFi-Ex driver handled vendor specific information elements. A local user could use this flaw to escalate their privileges on the system...

7.8 CVSS, 7.1 AI score, 0.00435 EPSS
Exploits: 0, References: 4
Gitee
added 2020/06/19 3:37 p.m., 4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

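CVE-2020-0796-SMB This resource is a reproduction of the CVE-2020-0796 vulnerability, including a Python version and a C++ version. It mainly gathers resources from the experts on GitHub; I hope you like it. C++ Python EXP POC Exploitation: - Local EXP privilege escalation: https://github.com/danigargu/CVE-2020-0796 - Local EXE privilege escalation: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC version privilege escalation: https://github.com/eerykitty/CVE-2020-0796-PoC -...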

10 CVSS, 9.3 AI score, 0.9981 EPSS
Exploits: 125
CVE
added 2020/06/16 12:26 p.m., 36 views

CVE-2020-13431

CVE-2020-13431 affects I2P before 0.9.46. Local privilege escalation via a Trojan horse I2PSvc.exe is possible due to weak permissions on a specific %PROGRAMFILES% subdirectory. CVSS vectors indicate high impact (C/H/I/H) with local access, low attack complexity, and no user interaction required....

7.8 CVSS, 7.6 AI score, 0.00309 EPSS
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2020/06/16 12:0 a.m., 9 views

PT-2020-1257 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.8 Description: The issue is related to a use-after-free vulnerability in the fs/block_dev.c file of the Linux kernel. This vulnerability can be exploited by local users to gain privileges or cause a denial of...

9.8 CVSS, 7.9 AI score, 0.78684 EPSS
Exploits: 153, References: 1967
Prion
added 2020/06/11 3:15 p.m., 15 views

Out-of-bounds

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...

2.1 CVSS, 5.1 AI score, 0.00252 EPSS
Exploits: 0, References: 1, Affected Software: 1
CNVD
added 2020/05/25 12:0 a.m., 1 views

Elevation of Privilege Vulnerability in Linux Kernel (CNVD-2020-32597)

The Linux Kernel is a computer operating system kernel written in C and assembly languages, compliant with the POSIX standard, and distributed under the GNU General Public License. Linux Kernel suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a...

6.8 AI score
Exploits: 0